Share Blog Post
- The U.S. Cyber Command is looking forward towards an analytics solution housed under a contract called RAINFIRE. The command issued a request for information to gain insights on joint analytics support capabilities. The analytics solution is poised to serve the Capabilities Development Group and further integrate with different collaborative IT initiatives. The overall purpose is to support the cyber warfighters employed by the Department of Defense.
- Researchers from the leading institutes of MIT and Harvard have come up with a new system that is tasked to improve the privacy in private browsing. The system has been named Veil and provides enhanced protection to the people sharing their computers with other people at different public or private venues like offices, hotels, business centers and even university computer centers. The new system can be integrated with the existing private-browsing systems and anonymity networks.
- Earlier this week, the US Marine Corps Force Reserve was at the receiving end of a major data breach that lead to the disclosure of sensitive information of over 21,000 Marines, sailors and civilians. The data breach occurred due to accidental exposure in an unencrypted email. The DoD’s Defense Travel System (DTS) sent an email, to a wrong distribution list, that included an attachment containing the sensitive information related to the affected people.
- The famous web-based hosting service GitHub suffered a massive 1.35 Tbps Denial of Service attack this week. GitHub got clogged and went down multiple times this week until the humongous traffic was moved to Akamai, the cloud computing company that was tasked to provide protection from such attacks. As per security analysts, such attacks would become the new normal in coming times.
- The infamous Equifax breach is still throwing up with new revelations. This week, the company discovered that additional 2.4 million U.S consumers that were affected by the cyber attack. As of now the total count of the affected has totaled to 147 million. In the newly discovered breach, the victims were found to have their sensitive details like names and partial driver’s license information stolen. The good news was that the hackers could not get their hands on their Social Security numbers.
- Security researchers have discovered a massive trove to data that was exposed due to an unprotected Amazon Web Services S3 bucket. The breach affects the company named Birst, a Cloud Business Intelligence and Analytics firm. The exposed database is 50.4 GB worth of data of one of Birst’s users Capital One, a McLean, Virginia based financial services giant and eighth-largest commercial bank in the United States. The leaked data contained technical information on Birst appliance specially configured for Capital One’s cyberinfrastructure.
- Researchers have discovered a new Remote Access Trojan (RAT) that has been written entirely in Python. The trojan is tasked to perform highly targeted attacks. Dubbed CannibalRAT, the trojan displays the signs of code cannibalization. Two variants of the trojan have been found with both of them having unsophisticated RAT capabilities. One of the versions of the trojan targeted the users of a Brazilian public sector management school.
- There has been a big shift in the threat landscape with hackers preferring crypto miners over ransomware in the late last season. However, new families of ransomware are still being discovered. This week, the security researchers found a new ransomware family dubbed Thanatos. When encrypting files on a computer, the malware appends the .THANATOS extension to them. After completing the encryption, the malware connects to a specific URL to report back, thus allowing attackers to keep track of the number of infected victims.
Posted on: March 02, 2018
Get the Weekly Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.
Explore Industry Briefs
Cyware for Enterprise
Adopt next-gen security with threat intelligence analysis, security automation...
Cyware for ISACs/ISAOs
Anticipate, prevent, and respond to threats through bi-directional threat in...